I'm working in a enterprise network . all of the clients in this network are running VSE 8.8. I want to install another program client agent remotely by client agent push but i get this error message at client system's VSE:
4/28/2013 12:35:15 PM Blocked by Access Protection rule CSO\ADMIN System:Remote C:\WINDOWS\*************.RG6 Anti-virus Standard Protection:Prevent remote creation/modification of executable and configuration files Action blocked : Create
what should I do to get past this error message and install the client agent securely without putting the whole network in security risk.
Disable the rule? The rule is intended to prevent creation of executables on a remote machine. I don't see this as a huge security risk to turn off this rule. However, you can add the executable name to the rule as an exception if you wish.
Thanks for your reply.
Would you please give me a short instruction to how to exclude and which processes should be excluded? I've already done some work around but I want to make sure that I'm on the safe side.
according to KB68560 making exclusion to a rule (and specifically to your rule) where "process" name is System:Remote is not possible because no process name makes it across the network so none is available to Virusscan (as we could have been thought). The article recommend disabling the rule.